Zero Trust Architecture Dataset (ZTAD)

Data Format: The format of the dataset is CSV format.- Size of Dataset: The size of the dataset is 3.84 Go with 7,068,103 rows and 18 columns.- The summary of the attributes:1) Date: Date of the event, in the format MM\/DD\/YYYY.2) Time: Time of day, expressed in 24-hour format HH:MM.3) Timezone: Time zone specified during processing.4) MACB: Associated with actions performed on a file in a file system: M for modification, A for access, C for change, B for creation.5) Source: Short name of the source.6) Sourcetype: More detailed description of the source.7) Type: Type of event, for example, network connection, file modification, program execution, etc.8) User: Username associated with the entry.9) Host: Hostname associated with the entry.10) Short: Brief description of the entry, typically containing less text than the full description field.11) Desc: Description.12) Version: Version number of the timestamped object.13) Filename: Filename with the full path of the artifact that was analyzed.14) Inode: Node index; metadata address of the file being analyzed; used in Unix file systems to uniquely identify files.15) Notes: Some input modules insert additional information as a note.16) Format: Name of the module used to analyze the file.17) Extra: Additional analyzed information.-- Filesize: The file size in bytes.-- File_system_type: The type of file system where the file is stored, e.g., ext4, NTFS, etc.-- Is_allocated: An indicator showing whether the disk space allocated for the file is used or not.-- Sha256_hash: The SHA-256 hash of the file content, used to uniquely identify the file content.-- Reporter: Refers to the source or origin of the data, such as a program or system that generated a specific record during a forensic analysis.-- Attribute Names: Corresponds to the names of various characteristics or information, such as date, time, and type of activity recorded for each event analyzed in a digital investigation.18) Label of the MITRE ATT&CK Tactics.